Security Lead

alan
Lyon

Health can’t wait .

Not for symptoms to get worse. Not for a six‑month appointment. Not for a system to catch up. But that’s exactly how healthcare works today. You wait, until you can’t.

Alan exists to end the wait.

Health is a universal right, and we believe this right can only become real when it’s coupled with prevention. We need to stop treating health as something we repair and start treating it as something we build, every day. It’s not solely a question of willpower. It’s the healthcare system itself that needs to work for everyone, in a sustainable way.

So we are building the new standard in prevention insurance. Alan is the first company that integrates insurance, prevention, and care into a single, acclaimed user experience.

We are on an incredible journey to build a global leading company, with a unique culture . We already partner with 40K+ companies of all sizes, serving more than 1M+ members, and have reached €800M+ in ARR.

Prevention as the new norm. That's what we're building with our team of 800+ people. If it speaks to you: we're hiring across France, Spain, Belgium, and Canada. And beyond.

The team and your missions

You will lead Alan's Security team, a highly technical group operating across 10+ countries in a regulated health insurance environment. As Security Lead, your missions span four core areas:

  • Lead and grow the security team: Coach, structure, and elevate a team of security experts. Set clear priorities, define ownership, and create conditions for genuine professional growth.

  • Own security in the AI era: Define Alan's posture on AI-driven threats and opportunities. Build frameworks that let product and engineering teams ship AI-powered features safely and at speed.

  • Scale security across 10+ countries: Own the ISMS and certification programme (ISO 27001), navigate a complex multi-regulatory environment (DORA, HDS, RGPD, NIS2, PGSSI-S), and ensure Alan's security programme keeps pace with its geographic expansion.

  • Build and evolve Alan's security strategy: Position security as a long-term business asset and trust-builder for members, regulators, and partners. Align Legal, DPO, Risk, Engineering, and Product on security requirements, and build a security culture that empowers rather than restricts.

The challenge

Alan is a fast-growing health insurer operating in a uniquely complex environment. The challenges you will navigate include:

  • A shifting threat landscape: AI is reshaping both attack vectors and defensive possibilities. You will need a clear point of view on LLM security, agent risks, and AI governance, and the ability to translate that into concrete, actionable priorities.

  • Multi-country regulatory complexity: Operating across 10+ countries means managing a dense, evolving regulatory stack (DORA, HDS, RGPD, NIS2, PGSSI-S) while keeping the business moving. You will need to translate regulatory requirements into technical controls without creating bottlenecks.

  • Health sector specifics: Alan handles sensitive health data at scale. This comes with sector-specific requirements (ANS framework, CERT Santé, HDS) that demand both technical precision and operational rigor.

  • Influencing at scale without direct authority: Security touches every function. Your ability to align Legal, DPO, Risk, Engineering, Product, and Operations, and make them come to you early, will be as important as your technical depth.

  • Running security as a living programme, not a compliance exercise: The goal is not to pass audits. It is to build a programme that feeds real decisions, scales with the company, and earns genuine trust.

Who we are looking for

  • Proven experience leading a security (or security-adjacent) team, with concrete examples of people development and growth

  • At least one full ISO 27001 certification or recertification cycle led end-to-end

  • Solid understanding of the regulatory stack relevant to Alan's context: DORA, HDS, RGPD, NIS2, PGSSI-S

  • Experience running security risk cartography, ideally with EBIOS RM- Experience conducting vendor security assessments and defining contractual security requirements

  • Clear understanding of AI security: LLM threats, agent risks, AI governance frameworks (OWASP LLM Top 10, MITRE ATLAS, EU AI Act)

  • Full professional fluency in English required; French is a plus

  • Bonus: experience in a regulated health sector environment (ANS framework, CERT Santé, HDS)

This position targets level F+ on our level grid .

How we work

Location: You must be legally eligible to work from France. We offer remote work flexibility, but we value in-person collaboration

Important note: we hire people, not roles.

If you're excited about this opportunity but don't check every box, we'd love to hear from you. Everyone, no matter how underrepresented, should feel free to apply, as it can only bring learnings or success.

If you identify yourself as a woman: Did you know that research shows women often apply only when meeting 100% of requirements?

Remember, this is just a guide, not a checklist. We'll be thrilled to receive your application!

Check out our About Alan and Career pages, as well as our Medium , blog and Glassdoor page for more info.

You want to know more about Alan?

Perks & Benefits : Alaners are provided with a stimulating environment and perks ensuring they are happy, efficient and spend only high-quality time with co-workers.

A strong culture : People joining Alan are often surprised and delighted by our innovative working method. We have a set of cultural values that guide our approach to work

Publié le 2026-07-15

Emplois Recommandés

Responsable BU IT (H/F)

Skaelia
Lyon

Présentation de la société Skaelia est un cabinet de conseil en recrutement spécialisé dans les secteurs IT, Business et Conseil. Nous accompagnons les candidats dans la recherche de leur prochain…

Voir les Détails
Publié le 2026-04-17

Auxiliaire de vie H/F

Doum
Lyon

Description de l'offre: Intitulé du poste  : Assistant(e) de Vie aux Familles H/F – CDI + Formation TP ADVF en contrat de professionnalisation Description de l’offre DOUM, service d’aide à d…

Voir les Détails
Publié le 2026-06-16

Tech lead IA F/H

SNCF
Lyon

Piloter, innover et inspirer une équipe de développeurs pour concevoir des solutions techniques performantes et innovantes. En tant que Tech Lead, vous serez au coeur de la conception, du développemen…

Voir les Détails
Publié le 2026-07-03

Chef de Projet IT

Synanto
Lyon

Le poste : Votre agence Synanto Lyon est à la recherche de son futur talent (H/F) ! En tant que Chef de Projet IT (H/F) dans un contexte agile Scrum, vos missions seront les suivantes: ️ 1. Côt…

Voir les Détails
Publié le 2026-07-09

IT Support Technician (Mably)

CEVALogistics
Lyon

CEVA Logistics provides global supply chain solutions to connect people, products, and providers all around the world. Present in 170+ countries and with more than 110,000 employees spread over 1,500…

Voir les Détails
Publié le 2026-07-13

Infirmier(e) Diplômé(e) d'Etat F/H - service de réanimation

Hopital Saint Joseph Saint Luc
Lyon 7e

À propos de nous Ouvert et accueillant, l'Hôpital Saint Joseph Saint Luc situé au cœur de la ville de Lyon, en bordure du Rhône, exerce une mission de service public sur l'ensemble de ses activités mu…

Voir les Détails
Publié le 2026-06-16

Hôpital Lyon Sud - Aide-Soignant (H/F) -Pool de remplacement des unités de chirurgie - Jour 7h30

Lyon

L'ÉTABLISSEMENT : Le Groupement Hospitalier Sud regroupe l'Hôpital Lyon Sud et l'Hôpital Henry Gabrielle. Il est une référence dans la prise en charge des urgences, des femmes enceintes, des patient…

Voir les Détails
Publié le 2025-12-09

Un(e) Assistant(e) Administratif(ve) H/F

Rdp Conseil Tous Droits Réservés
Lyon

Professeur de musique Compositeur Producteur évoluant dans un contexte international, notre client recherche  son Assistant(e) administratif(ve) anglais courant à temps partiel (8 heures / semaine) …

Voir les Détails
Publié le 2025-07-21

Responsable Opérations Chatbot IA (H/F)

Once For All - France
Lyon

La mission d’Once For All est de créer la 1ère plateforme du secteur de la construction qui permette à ses acteurs de gérer leurs risques et leurs responsabilités RSE. Once For All développe une p…

Voir les Détails
Publié le 2026-06-10

Consultante / Consultant Senior Cybersécurité GRC

Forums Talents Handicap
Lyon 1er

Poste ouvert aux personnes en situation de handicap. Vos missions Au sein de l'activité Gouvernance, vous accompagnez ou pilotez, au forfait ou en régie, les activités de sécurité suivantes :…

Voir les Détails
Publié le 2026-06-24